我正在开发一个移动应用程序,该应用程序将请求发送到我公司的公共API版本,并使用有效的证书进行安全连接 每当我尝试使请求握手异常无法获取本地发行者证书时,都会从我这边出现 当我运行此命令时
openssl s_client -showcerts-服务器名称pub.dartlang.org -connect pub.dartlang.org:443
输出如下所示
CONNECTED(00000003)
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify error:num=20:unable to get local issuer certificate
---
Certificate chain
0 s:/CN=pub.dartlang.org
i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
-----BEGIN CERTIFICATE-----
....
-----END CERTIFICATE-----
1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
---
Server certificate
subject=/CN=pub.dartlang.org
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3055 bytes and written 456 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: 6E905904FEF3D9B5BA45A2F9140CD2DEC8F31F762759AB2193FD0649585348C9
Session-ID-ctx:
Master-Key: B7762B8FC1543749F02A0011ABBEC22E2C29CA0089F5A4410CCFDE2DB2F1067CED0D8496522292A0338E855E3C717B4E
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1571919503
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
---
read:errno=0
如何解决这个问题 -我不想使用信任所有证书的代码 -我不想将我的证书添加到资产文件夹
还有其他解决方案吗?像将我的证书添加到受信任的商店中?
答案 0 :(得分:0)
我通过使用 httpClient 信任我的证书解决了此问题 通过添加我的根证书和链证书,具体取决于此处的相同代码 Flutter add self signed certificate from asset folder